motortion – stock.adobe.com
Documents and other material related to the Pfizer/BioNTech Covid-19 vaccine have been stolen in a confirmed cyber attack on the European Medicines Agency (EMA), which has launched a full investigation alongside law enforcement and other security professionals.
The European Union body – formerly located in the UK but lost to the Netherlands due to Brexit – is responsible for facilitating the development of and access to medicines, evaluating applications for marketing authorisation, monitoring the safety of medicines across their lifecycle, and provide information to healthcare professionals and the public.
Like any organisation in the healthcare sector, it has been particularly vulnerable to compromise by malicious actors during 2020, thanks to the Covid-19 pandemic, and its close involvement with the approval of vaccines against the coronavirus.
In a statement, the agency said it will not be providing any additional details whilst its investigation is ongoing, but committed to making further information available “in due course”.
A spokesperson for BioNTech said: “Today, we were informed by the EMA that the agency has been subject to a cyber attack and that some documents relating to the regulatory submission for Pfizer and BioNTech’s Covid-19 vaccine candidate, BNT162b2, which has been stored on an EMA server, had been unlawfully accessed.
“It is important to note that no BioNTech or Pfizer systems have been breached in connection with this incident and we are unaware that any study participants have been identified through the data being accessed.
“At this time, we await further information about EMA’s investigation and will respond appropriately and in accordance with EU law. EMA has assured us that the cyber attack will have no impact on the timeline for its review,” they said.
BioNTech added that its own focus remained “steadfast” on working in close partnership with both governments and regulators to bring its Covid-19 vaccine – which is already available in the UK and has been found to be 95% effective in granting immunity to the virus – to as many people as possible.
Mikko Hyppönen, chief research officer at F-Secure, commented: “Intelligence agencies have a job of defending their nations from outside threats. In that sense it’s not surprising to see intelligence agencies try to steal vaccine research data, if they see Covid-19 as one of those outside threats and if they believe that stealing research data makes it easier to defend their nations.
“BioNTech was able to defend their research as long as it was on their own systems.,” he said. “However, there’s nothing they could do to protect their research data when it was going through regulatory processing on governmental systems. Attackers will find the easiest way to gain access to the data they are after.”
Mark Hendry, director of data protection and cyber security at legal practice DWF, said the lack of further information as to the precise nature of the attack on the EMA was entirely understandable while investigations and preliminary response measures are ongoing.
“Despite some ransomware attack groups making public statements regarding a ceasefire against organisations operating in the health sector during the Covid-19 pandemic, these organisations and sectors have continued to experience cyber-attacks,” he said. “Attacks originate from threat actor groups ranging from criminal ransomware operators to nation state attackers, each with different capabilities and motives.
“Cyber attackers will often lie in wait for the opportune moment, releasing their attack at the point in time when they perceive cyber defences of their target to be weakened and/or when an attack can cause maximum disruption and impact,” said Hendry.
“In this particular example, it comes at a time when the organisation is heavily involved in the vital Europe-wide mission to limit, treat, and vaccinate against Covid-19. In other examples, an attack might be planned and executed when a company is about to launch a new product to market, enter the busiest retail period of the year, or undertake a company acquisition or merger.”
Hendry said that increasing awareness of the mindset of cyber criminals was highly important in anticipating, preparing for and defending against attacks, and urged organisations to consider identifying the planning for major global events – such as Covid-19 – that might cause them to become a target for attack, and ensure that robust defences based on people, processes and technology were in place to thwart them.
The attack on the EMA comes just days after researchers at IBM’s X-Force security unit revealed that elements of the Covid-19 vaccine supply chain were coming under sustained attack by a nation-state backed group.
This campaign has been active since September 2020, and is targeting organisations associated with the cold chain – the part of the supply chain that ensures the preservation of vaccines in temperature-controlled environments when they are being transported.
There is currently no indication or evidence to suggest the attack on the EMA is the work of the same group, or whether or not it was perpetrated by a cyber criminal gang operating independently, or operatives of a state-backed entity.
In this e-guide, we will explore the links between ransomware attacks, data breaches and identity theft. First, Nicholas Fearn investigates the phenomenon of the double extortion attack, and shares some insider advice on how to stop them, while we’ll explore the top five ways data backups can protect against ransomware in the first place.
Although 5G is still years away from mainstream adoption, some enterprises have started rolling out use cases that can deliver …
CIO dashboards can be a vital tool for assessing metrics in real time to gain insight on IT performance and support better …
While no zero-day exploits were included in the red team tools, FireEye released detection rules and known vulnerabilities to …
Enterprises struggle to get the most out of their security operation centers. Using the proper SOC metrics and KPIs can help. …
Companies looking to introduce security testing earlier into software development must look past myths and understand what to …
The Aruba Fabric Composer is best suited for a CX switching fabric within a small and midsize data center. The company also …
Network performance is a top issue among IT teams and remote workers amid the pandemic and can correlate with other technical …
The Apstra acquisition could help Juniper sell networking hardware and software to heterogeneous data centers and large-scale …
Colocation facility costs can include anything from power fees and bandwidth service charges to connectivity expenses, change …
In any multi-tenant IT environment, noisy neighbors can be an issue. Here’s a closer look at how the challenges differ in the …
Use this data center selection checklist to make fair and comprehensive comparisons between colocation data center providers …
Raj Verma, CEO of SingleStore, explains why the vendor rebranded from MemSQL and how its platform is more than just an in-memory …
Collibra CEO discusses the importance of data governance for enterprises and how to tie data governance to business terminology …
The enterprise edition of the MySQL database is being enhanced on Oracle Cloud Infrastructure to enable users to run analytics …
All Rights Reserved, Copyright 2000 – 2020, TechTarget
Privacy Policy
Cookie Preferences
Do Not Sell My Personal Info
